Hack and / - Spam: the Ham Hack

Check out a few simple spam-fighting tweaks to two of my favorite open-source programs: mutt and Postfix.

When you think about it, all spam really is, is hacked ham. This is true
for both meanings of the word. In the food sense, it is composed of
hacked-up bits of pork that are reassembled to resemble (sort of) ham. In
the e-mail sense, spam is just hacked-up bits of text that are reassembled
so they somewhat resemble a legitimate e-mail you want to read (ham).

Countless articles talk about the open-source tools you can
use to reduce the amount of spam in your inbox, so I'm not going to write
yet another article about SpamAssassin, Razor/Pyzor, Spam Blackhole Lists
(SBLs) or even grey-listing, although I recommend looking into those
countermeasures if you haven't already done so. Instead, I
assume you already have these measures in place, so I'm
going to discuss a few extra tools that make spam management a bit more,
well, manageable.

Virtual Addresses in Postfix

I'm not a huge fan of Web-based e-mail, although for the longest time, I did
think it was a great tool for spam-catching. I would set up a free Web
e-mail account, and whenever I bought something on-line, I used that e-mail
address as a contact. Of course, whenever I bought something new, I'd have
to go into the account first and purge the mountain of spam that had
accumulated since the last time I used the account. The other downside was
that I still never knew which companies had sold out my e-mail address and
which ones kept it protected.

Since then, I've found an even better solution with virtual addresses in
Postfix. Now that I run my own mail server, I can set up as many e-mail
addresses as I want for free and have them all land in the same inbox. Not
only does this make it easier to find all my on-line receipts later, but also
because of the way I set it up, I easily can find out which companies sold me
out and block only their e-mail messages.

Virtual addresses in Postfix work much like aliases in most mail
servers. They give you a way to define a large set of To addresses
that your mail server will accept and to map those addresses to one or more real
addresses on the server, or even forward e-mail to addresses on a completely
different server. All you have to do is set up a new database that defines
the mapping between virtual and real addresses, and then tell Postfix to
use it.

For this example, let's assume I have a mail server that already accepts
mail for example.net, and my personal account is kyle@example.net. Whenever
I set up a new account, either on a social network or an on-line
retailer (anything that could potentially send me spam), I set up a new
virtual address named after them and the year. Let's assume I created an
account on CompanyX's site, so I could buy a T-shirt and also registered a
new profile on TweetBookSpace—the new hip social-networking-meets-cell-phones-meets-LOLcats site.

First, I would create a regular text file called /etc/postfix/virtual that
contained the following entries:

All of the addresses in the left column correspond to addresses for which
Postfix will accept mail, and the right column tells Postfix to which real
account to forward the mail. Instead of an @localhost address, I
also could forward it to some other external e-mail address, or even list
multiple addresses separated by commas. After I set up the file, and again
whenever I make any changes, I need to run the postmap command against it,
so that it creates the custom database file Postfix actually will read:

$ sudo postmap /etc/postfix/virtual

Finally, I just need to add some new lines to my /etc/postfix/main.cf to define
what domains I will use for my virtual aliases and tell it to use the file
I just created. I added only one domain here, but if you already have
multiple domains defined in your mydestination line, move as many as you
want managed by this file over to the virtual_alias_domains setting:

Then, I can run sudo postfix reload to reload my settings. If I start to
notice that I'm getting spam sent to companyx2009@example.net, all I
have to do to block that address is comment out that line in
/etc/postfix/virtual and run postmap again. Although it's not necessary to
add the year to the e-mail address, I've found that helps when I periodically
go through my old throwaway e-mail addresses and comment them out—after
all, I always can uncomment them the next time I want to order something.
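
The procedure above as one script, written as an added example rather than the article's own listings: it shows the two-column map format, the main.cf settings that point Postfix at it, and helpers that block or restore a single throwaway address. The address tweetbookspace2009@example.net, the function names and the hash: map type are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: maintain throwaway addresses in a Postfix virtual alias map.
# Sample entries are constructed; tweetbookspace2009@example.net is an
# assumed address name that follows the company-plus-year pattern.

# Write a sample map: virtual address on the left, real recipient on the right.
write_sample_map() {  # write_sample_map MAPFILE
    cat > "$1" <<'EOF'
# virtual address                real recipient
companyx2009@example.net         kyle@localhost
tweetbookspace2009@example.net   kyle@localhost
EOF
}

# Matching main.cf settings (shown here, not applied by this script):
#   virtual_alias_domains = example.net
#   virtual_alias_maps = hash:/etc/postfix/virtual
# A domain listed in virtual_alias_domains must not also be in mydestination.

# Apply an awk program to MAPFILE in place, keeping its owner and mode.
edit_map() {  # edit_map MAPFILE ADDRESS AWK_PROGRAM
    tmp=$(mktemp) || return 1
    awk -v a="$2" "$3" "$1" > "$tmp" && cat "$tmp" > "$1"
    rc=$?
    rm -f "$tmp"
    return "$rc"
}

# Comment out / restore the entry whose first field is exactly ADDRESS.
block_alias()   { edit_map "$1" "$2" '$1 == a { $0 = "#" $0 } { print }'; }
unblock_alias() { edit_map "$1" "$2" '$1 == "#" a { sub(/^#/, "") } { print }'; }

# Succeed only if ADDRESS has an active (uncommented) entry.
is_active() {  # is_active MAPFILE ADDRESS
    awk -v a="$2" '$1 == a { found = 1 } END { exit !found }' "$1"
}

# Rebuild the lookup table Postfix reads, then confirm what it will answer.
# Assumes the hash: map type named in the main.cf settings above.
rebuild_map() {  # rebuild_map MAPFILE [ADDRESS]
    postmap "$1" || return 1
    if [ -n "$2" ]; then postmap -q "$2" "hash:$1"; fi
}
```

On a live server the map is /etc/postfix/virtual and these functions need root. Once an entry is commented out and the map rebuilt, Postfix rejects mail for that address as an unknown user in the virtual alias table, while the other throwaway addresses keep working.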

Kyle Rankin is a director of engineering operations in the San Francisco Bay Area, the author of a number of books including DevOps Troubleshooting and The Official Ubuntu Server Book, and is a columnist for Linux Journal.
